AtaraxiaDev/nixos-config
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

feat: add syncyomi service

Browse Source
This commit is contained in:
Dmitriy Kholkin 2025-07-08 20:09:57 +03:00
parent 43694be7b8
commit 5953860a63
Signed by: AtaraxiaDev
GPG Key ID: FD266B810DF48DF2
3 changed files with 60 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
hosts/orion/default.nix
View File

@ -106,6 +106,7 @@
ataraxia.security.acme.enable = true;
ataraxia.services.authentik.enable = true;
ataraxia.services.gitea.enable = true;
ataraxia.services.syncyomi.enable = true;
ataraxia.services.vaultwarden.enable = true;
ataraxia.virtualisation.guests = {

34
modules/nixos/services/syncyomi.nix Normal file
View File

@ -0,0 +1,34 @@
{
config,
lib,
inputs,
secretsDir,
...
}:
let
inherit (lib) mkEnableOption mkIf mkOption;
inherit (lib.types) str;
cfg = config.ataraxia.services.syncyomi;
in
{
imports = [ inputs.ataraxiasjel-nur.nixosModules.syncyomi ];
options.ataraxia.services.syncyomi = {
enable = mkEnableOption "Enable syncyomi service";
sopsDir = mkOption {
type = str;
default = config.networking.hostName;
description = ''
Name for sops secrets directory. Defaults to hostname.
'';
};
};
config = mkIf cfg.enable {
sops.secrets.syncyomi.sopsFile = secretsDir + /${cfg.sopsDir}/syncyomi.yaml;
services.syncyomi.enable = true;
services.syncyomi.configFile = config.sops.secrets.syncyomi.path;
networking.firewall.allowedTCPPorts = [ 8282 ];
};
}

25
secrets/orion/syncyomi.yaml Normal file
View File

@ -0,0 +1,25 @@
syncyomi: ENC[AES256_GCM,data:DRx/E4S4IEVp4uFT2STjsv79bFZk+RGfv9EDYHiCOdkUr6TaA4fcF17fWD2VX2HshnU4dTnlOG/Z27/eygixkXjlFOIcSXuZZIv+Pttxl/r0cgI7NM8fGh3rn2Id34gIpRpmW34VwIU3EU9ctwBwTmsbpM2zMBbXKTXyr/mWuLCqc6WiSHlz1mJaHmMUW6uidj5WbnoJ0KamLlJtkZz0P0v+CczMhon6d9S2xWJ3qi/Tt15jTldEkKBZ+sNag9yAUc5dSPvNRGXsq5NAtqIIXpIVdDvBHKXLtlkeDroHFidyRlBsUJ9ZmpMNyZvBAngzspRQuPJAWcvMOp2EtpxwiReDk3n9UNPkwmj5ZOPwDixwjoriV9fHFOdHRFqICWEJbRMLwj+NHnkxa5vZI8f9WCfwjk3npbgQ1yY+GxBlv5iVBIacG/QmOZjpy9X1WURFGev6tHcL9KBRg2sx0hDR+qO1f4t8KWE8unS9xFBMiynsDsX46XIY1YeXXGfjZRiSZYTmenkUvXfkhijBmlLAW38=,iv:OAUDQhm5aQwjUa0vn03PzWOrZlJiFdPYGdZPDV/lFRs=,tag:71OvVXwwIl93mC4EpTAmzA==,type:str]
sops:
age:
- recipient: age13phpsegg6vu7a34ydtfa9s904dfpgzqhzru7epnky7glezk0xvkst9qh6h
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBDU0swYlJZalNxYWZHcDAv
RnhsbFZhN2NsMkxXUWdDL0R6aEcvTFZCTUJZCjNpaWxYVXZ5T3NCVTBkZnVPa2ZG
U1RWcUxwRkVGSDhVdEtOcmpSWUxNR00KLS0tIGRHUHJCUjJuU3lZQnlZU1N0Q3Iy
UUxOMmIzMUcxdmdBR2tHZUdjd2FBeWsKqGJ0Globcl/6eEAk4ICtvqIKBvTlXiot
hwysXkcNqiSvaETLFWmrwtd+zLAuwb9320QBB5J1PgyU4onbMq5c4w==
-----END AGE ENCRYPTED FILE-----
- recipient: age1m5msm7rgqye2q9zesgedg0emga4ntehlr629786lrxs3rhk0squq0ly9je
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBHdVNnbTVzWGJ5aWtWOVdW
bURQWXB5S0JCVFcxMGF6Y3R5czJQV2txTXhJCklOZW5VTzNtQ2ZTbWRFYTJsRTBo
QjJ3WW5WcFlVeG0wQ1N5WW9QcXZ5a1UKLS0tIDJ6Zkk2UHFHYU1CVlIvRmh4ZW0y
K3pwd2JyZUVpRXh5YTkxMGFBR2dHVWcKXphBeCwSow+8ETCKx4AZ3xEiOQHMmAHC
qmPDJM94dt9dXFBWZ1hlf3k5keAqicQzmvFfj0jaEs2wKbrRiXFAVQ==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-04-17T20:20:57Z"
mac: ENC[AES256_GCM,data:K68jXgp7l8hHkBLD/XoQmaN9gYDXdFbH30SOoeUaw2u0bIUbTopMTu1hfO405F/bHQ3N0JIJb7fYz0dqD2QvfvcI2HAIb2ZAeR8Z7IVmVyNZRuttzLCJ2KeW3DGkVh1QHdyM5lbYyiPunm3tTArhHKM7Bf8W9pXbN+k4p+L2ZLM=,iv:26Pvkq6PUWqWkshzZUJOGY4wor2nFvbEza8dWUf8Cl4=,tag:JGUGDqI5QfjdJoimr4uAEw==,type:str]
unencrypted_suffix: _unencrypted
version: 3.10.1